Cisco CCNA mock exam questions sample test – Question 234

.Which Cisco IOS command is used on a Catalyst 2950 series switch to verify the port security configuration of a switch port?

A. show interfaces port-security
B. show port-security interface
C. show ip interface
D. show interfaces switchport


Correct Answer: B

Explanation:
The show port-security interface command displays the current port security and status of a switch port, as in this sample output:
The sample output indicates that port security has been enabled on interface FastEthernet0/1, and that a maximum of two MAC addresses has been configured. A violation policy of
Shutdown indicates that if a third MAC address attempts to make a connection, the switch port will be disabled.
The violation mode setting has three possible values that take the following actions when a violation occurs:
protect Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
restrict Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the
SecurityViolation counter to increment. It will send a Syslog message and an SNMP trap as well.
shutdown Puts the interface into the error-disabled state immediately and sends an SNMP trap notification
The show ip interface command is incorrect because it displays protocol-related information about an interface, and nothing pertaining to switch port security.
The show interfaces switchport command is incorrect because it displays non-security related switch port information, such as administrative and operational status and trunking.
The show interfaces port-security command is incorrect because this is not a valid Cisco command.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot port security